SYSTEM AND METHOD FOR SIMULATING NETWORK SECURITY THREATS AND ASSESSING NETWORK SECURITY
First Claim
Patent Images
1. A security assessment system for a computer network, comprising:
- one or more security assessment computers controlled by a security assessor, and connected to a network; and
first executable program code for acting as an agent on a first end device on the network, the first executable program code configured to be executed by a browser application of the first end device,wherein the first executable program code is configured to initiate a simulation by requesting information from at least a first security assessment computer of the one or more security assessment computers.
3 Assignments
0 Petitions
Accused Products
Abstract
A system and method of security assessment of a network is described. The system may include one or more security assessment computers controlled by a security assessor, and connected to a network, and first executable program code for acting as an agent on a first end device on the network. The first executable program code is configured to be executed by a browser application of the first end device, and is configured to initiate a simulation by requesting information from at least a first security assessment computer of the one or more security assessment computers.
65 Citations
25 Claims
-
1. A security assessment system for a computer network, comprising:
-
one or more security assessment computers controlled by a security assessor, and connected to a network; and first executable program code for acting as an agent on a first end device on the network, the first executable program code configured to be executed by a browser application of the first end device, wherein the first executable program code is configured to initiate a simulation by requesting information from at least a first security assessment computer of the one or more security assessment computers. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for security assessment of a computer network, the method comprising:
-
transmitting first executable program code from a security assessor that controls one or more security assessment computers on a network to a first end device on the network, the first executable program code for acting as an agent on the first end device, and the first executable program code configured to be executed by a browser application of the first end device, wherein the first executable program code is configured to initiate the implementation of a simulation by requesting information from at least a first security assessment computer of the one or more security assessment computers. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A method of assessing security of a network, the method comprising:
-
at a security assessor system, receiving, from browser-executed executable program code executing on a plurality of end devices, a plurality of respective requests, each request for initiating simulation of one or more security threat techniques, tactics, or practices, wherein the plurality of end devices are part of a sub-network; and in response to the plurality of requests, sending respective instructions to the respective end devices instructing each browser-executed executable program code to simulate one or more security threat techniques, tactics, or practices. - View Dependent Claims (22, 23)
-
-
24. A method of assessing security of a network, the method comprising:
-
distributing a plurality of agents in the form of browser-executable program code to a respective plurality of end devices on a sub-network of a network; as a result of execution of the agents by browser applications on the end devices, performing a plurality of simulated security threat techniques, tactics, or practices on the sub-network; receiving information derived from the simulated security threat techniques, tactics, or practices and transmitted through the network; and based on the received information, assessing the security of the sub-network. - View Dependent Claims (25)
-
Specification